This Windows 10 computer is running much slower than usual, and on at least one website, a trusted one, a link redirects to a location that hangs the computer and gives me a toll free number to call for help. It claims to be a Microsoft number, but the person answering says "Tech Support," does not work for Microsoft, and wants to connect to my computer to "diagnose the problem." I think I might have some malware!
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-07-2019
Ran by jhauk (administrator) on DESKTOP-6JBP3L9 (Dell Inc. Inspiron 3670) (30-07-2019 10:40:36)
Running from C:\Users\jhauk\Desktop
Loaded Profiles: jhauk (Available Profiles: jhauk)
Platform: Windows 10 Home Version 1809 17763.615 (X64) Language: English (United States)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.50.38.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19062.451.0_x64__8wekyb3d8bbwe\YourPhone.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
(Dell Inc -> Dell Inc.) C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe
(Dell Inc -> Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
(Dell Inc. -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
(Garmin International, Inc. -> Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe
(Garmin International, Inc. -> Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe
(Google LLC -> ) C:\Program Files\Google\Drive File Stream\32.0.11.0\crashpad_handler.exe
(Google LLC -> Google, Inc.) C:\Program Files\Google\Drive File Stream\32.0.11.0\GoogleDriveFS.exe
(Google LLC -> Google, Inc.) C:\Program Files\Google\Drive File Stream\32.0.11.0\GoogleDriveFS.exe
(Google LLC -> Google, Inc.) C:\Program Files\Google\Drive File Stream\32.0.11.0\GoogleDriveFS.exe
(Google LLC -> Google, Inc.) C:\Program Files\Google\Drive File Stream\32.0.11.0\GoogleDriveFS.exe
(Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_component.inf_amd64_0219cc1c7085a93f\igfxCUIService.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_3a8cbc27c6d7029f\IntelCpHDCPSvc.exe
(Intel® pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_3a8cbc27c6d7029f\IntelCpHeciSvc.exe
(Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Intel® Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_77108672a20718cf\RstMwService.exe
(Logitech Inc -> Logitech) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOverlay.exe
(Logitech Inc -> Logitech, Inc.) C:\Program Files\Logitech\LogiOptions\LogiOptions.exe
(Logitech Inc -> Logitech, Inc.) C:\ProgramData\Logishrd\LogiOptions\Software\Current\laclient\laclient.exe
(Logitech Inc -> Logitech, Inc.) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.exe
(McAfee, Inc. -> McAfee LLC.) C:\Program Files\Common Files\mcafee\amcore\mcshield.exe
(McAfee, Inc. -> McAfee, LLC) C:\Program Files\Common Files\mcafee\SystemCore\mfefire.exe
(McAfee, Inc. -> McAfee, LLC) C:\Program Files\Common Files\mcafee\SystemCore\mfemms.exe
(McAfee, Inc. -> McAfee, LLC) C:\Windows\System32\mfevtps.exe
(McAfee, Inc. -> McAfee, LLC) C:\Windows\System32\mfevtps.exe
(McAfee, LLC -> McAfee, Inc.) C:\Program Files\mcafee\WebAdvisor\servicehost.exe
(McAfee, LLC -> McAfee, Inc.) C:\Program Files\mcafee\WebAdvisor\uihost.exe
(McAfee, LLC. -> McAfee, Inc.) C:\Program Files\Common Files\mcafee\pef\CORE\PEFService.exe
(McAfee, LLC. -> McAfee, LLC) C:\Program Files\Common Files\mcafee\VSCore_19_5\mcapexe.exe
(McAfee, LLC. -> McAfee, LLC.) C:\Program Files\Common Files\mcafee\csp\3.1.286.0\McCSPServiceHost.exe
(McAfee, LLC. -> McAfee, LLC.) C:\Program Files\Common Files\mcafee\mmsshost\MMSSHOST.exe
(McAfee, LLC. -> McAfee, LLC.) C:\Program Files\Common Files\mcafee\modulecore\ModuleCoreService.exe
(McAfee, LLC. -> McAfee, LLC.) C:\Program Files\Common Files\mcafee\modulecore\ModuleCoreService.exe
(McAfee, LLC. -> McAfee, LLC.) C:\Program Files\Common Files\mcafee\modulecore\ProtectedModuleHost.exe
(McAfee, LLC. -> McAfee, LLC.) C:\Program Files\Common Files\mcafee\platform\McUICnt.exe
(McAfee, LLC. -> McAfee, LLC.) C:\Program Files\mcafee\mfeav\MfeAVSvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.50.38.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.WindowsStore_11906.1001.18.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(PC-Doctor, Inc. -> PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.7033.2285\DSAPI.exe
(PC-Doctor, Inc. -> PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.7033.2285\pcdrwi.exe
(Pro Softnet Corporation -> Prosoftnet) C:\Program Files (x86)\IDriveWindows\id_bglaunch.exe
(Pro Softnet Corporation -> Prosoftnet) C:\Program Files (x86)\IDriveWindows\id_service.exe
(Pro Softnet Corporation -> Prosoftnet) C:\Program Files (x86)\IDriveWindows\id_tray.exe
(Qualcomm Atheros -> Windows ® Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe
(Rivet Networks LLC -> CloudBees, Inc.) C:\Program Files\Rivet Networks\SmartByte\RNDBWMService.exe
(Rivet Networks LLC -> DELL) C:\Program Files\Rivet Networks\SmartByte\SmartByteTelemetry.exe
(Rivet Networks LLC -> Rivet Networks LLC) C:\Program Files\Rivet Networks\SmartByte\RNDBWM.exe
(Rivet Networks LLC -> Rivet Networks) C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe
(Waves Inc -> Waves Audio Ltd.) C:\Windows\System32\DriverStore\FileRepository\wavesapo75de.inf_amd64_5ff36f834a6d461a\WavesSysSvc64.exe
(Wondershare Technology Co.,Ltd -> Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.3.237\WsAppService.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\RtkAudUService64.exe [834336 2019-02-26] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\WINDOWS\System32\DriverStore\FileRepository\wavesapo75de.inf_amd64_5ff36f834a6d461a\WavesSvc64.exe [1222536 2018-12-05] (Waves Inc -> Waves Audio Ltd.)
HKLM\...\Run: [DellMobileConnectWelcome] => C:\Program Files\Dell\DellMobileConnectDrivers\DellMobileConnectWStartup.exe [313064 2018-10-05] (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [320056 2019-02-27] (Intel® Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [3942864 2016-10-13] (Logitech -> Logitech, Inc.)
HKLM\...\Run: [LogiOptions] => C:\Program Files\Logitech\LogiOptions\LogiOptions.exe [2177160 2019-06-30] (Logitech Inc -> Logitech, Inc.)
HKLM-x32\...\Run: [IDrive Background process] => C:\Program Files (x86)\IDriveWindows\id_bglaunch.exe [77496 2019-03-11] (Pro Softnet Corporation -> Prosoftnet)
HKLM-x32\...\Run: [IDrive Tray] => C:\Program Files (x86)\IDriveWindows\id_tray.exe [2015928 2019-03-11] (Pro Softnet Corporation -> Prosoftnet)
HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\32.0.11.0\GoogleDriveFS.exe [38275880 2019-06-27] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1403224 2015-05-07] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\...\MountPoints2: {132fee6d-68d6-11e9-b9c1-283a4d347e22} - "E:\Setup.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\75.0.3770.142\Installer\chrmstp.exe [2019-07-16] (Google LLC -> Google LLC)
GroupPolicy: Restriction ? <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0198E9C4-F698-4B33-B9AD-D169536351F3} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe [152112 2019-07-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {06B1142B-0C72-4434-9B7C-C4BF16823D39} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_223_pepper.exe [1453112 2019-07-09] (Adobe Inc. -> Adobe)
Task: {08F613EF-2C13-43C5-B1C1-95BA0795A0A2} - System32\Tasks\McAfee\DAD.Execute.Updates => C:\Program Files\Common Files\McAfee\DynamicAppDownloader\1.3.102\DADUpdater.exe [4137608 2019-07-25] (McAfee, LLC. -> McAfee, Inc.)
Task: {112039E5-98E0-441B-A466-4D33EC626CCE} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2208400 2019-07-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {2AB14D09-8E5E-4050-AB97-FF38B88744B6} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-07-09] (Adobe Inc. -> Adobe)
Task: {35E9EA14-2BCD-4003-998D-0ABCBF9814E8} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistInstaller.exe [1512920 2019-05-24] (Dell Inc. -> Dell Inc.)
Task: {38C5CA0A-172C-4615-A359-C46A83CA3747} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {4C26AFD1-5C37-4F8A-BC2C-27E939578E35} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-03-18] (Google Inc -> Google Inc.)
Task: {4D8D415E-05CA-4035-9C81-FF2379E407FC} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [25944 2015-05-07] (Garmin International, Inc. -> )
Task: {5593322D-AF94-43F1-B8E8-13F67E515E3B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26804232 2019-06-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {615C6796-E688-4E21-B2A1-4A698F1768E5} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe [4545544 2019-06-04] (McAfee, LLC -> McAfee, LLC.)
Task: {7EF23CDC-36C9-4405-8F3F-4860BFEB1D8D} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [759744 2019-06-11] (McAfee, LLC. -> McAfee, LLC.)
"C:\Windows\System32\Tasks\McAfee\McAfee Idle Detection Task" was unlocked. <==== ATTENTION
Task: {845E8A81-D62C-4750-828B-9BF0FBCBBC87} - System32\Tasks\McAfee\McAfee Idle Detection Task => {ABCDCA3B-DE6B-5A7C-B132-6D7CBA63E5C5} C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe [1028256 2019-06-04] (McAfee, LLC. -> McAfee, LLC.)
Task: {9D94C351-9B82-46BC-BB95-0FED553E341C} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26804232 2019-06-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {B856BD0D-AF00-434C-B704-496ACF614423} - System32\Tasks\SmartByte Telemetry => C:\Program Files\Rivet Networks\SmartByte\SmartByteTelemetry.exe [32448 2018-12-04] (Rivet Networks LLC -> DELL)
Task: {BDA1B568-739C-494B-9E83-D6A37DDCFD4F} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2208400 2019-07-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {C2E1123D-C6A2-406A-A308-AF09222B7D41} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent => {ABCECA3B-EA5A-496B-A021-5C6BAB365E5C} C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe [1028256 2019-06-04] (McAfee, LLC. -> McAfee, LLC.)
Task: {F9D9754C-5D02-4531-8BB9-7B3526AF98E5} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2248312 2019-07-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {FAC8922D-D9DC-481C-B9D8-4AA6D2E54601} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe [152112 2019-07-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {FCA6206D-B840-474E-8114-64E82E20DEBF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-03-18] (Google Inc -> Google Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{e6d416ea-722e-4537-9bf4-49c06dbe3514}: [DhcpNameServer] 192.168.1.254
Internet Explorer:
==================
HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://dell17win10.msn.com/?pc=DCTE
HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell17win10.msn.com/?pc=DCTE
SearchScopes: HKU\S-1-5-21-1015540938-3996997567-1391499832-1001 -> DefaultScope {43B1B2E9-843B-4459-8E32-95BA5A2117FD} URL =
BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2019-07-19] (McAfee, LLC -> McAfee, Inc.)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2019-04-03] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2019-07-19] (McAfee, LLC -> McAfee, Inc.)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-07-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-07-12] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-07-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-07-12] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-07-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-07-12] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-07-12] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-07-12] (Microsoft Corporation -> Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\McAfee\MSC\McSnIePl64.dll [2019-06-28] (McAfee, LLC. -> McAfee, LLC.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2019-06-28] (McAfee, LLC. -> McAfee, LLC.)
FireFox:
========
FF DefaultProfile: ou4ydgfb.default-1553941110074
FF ProfilePath: C:\Users\jhauk\AppData\Roaming\Mozilla\Firefox\Profiles\ou4ydgfb.default-1553941110074 [2019-07-30]
FF Homepage: Mozilla\Firefox\Profiles\ou4ydgfb.default-1553941110074 -> hxxps://www.facebook.com/?sk=h_chr|hxxps://mail.google.com/mail/u/0/#inbox|hxxps://calendar.google.com/calendar/r/day?tab=mc
FF Extension: (Facebook Container) - C:\Users\jhauk\AppData\Roaming\Mozilla\Firefox\Profiles\ou4ydgfb.default-1553941110074\Extensions\@contain-facebook.xpi [2019-07-08]
FF Extension: (F.B Purity - Cleans up Facebook (WX)) - C:\Users\jhauk\AppData\Roaming\Mozilla\Firefox\Profiles\ou4ydgfb.default-1553941110074\Extensions\[email protected] [2019-07-30] [UpdateUrl:hxxps://www.fbpurity.com/FF-FBP-Ext-Updates.json]
FF Extension: (FunKrazyGames) - C:\Users\jhauk\AppData\Roaming\Mozilla\Firefox\Profiles\ou4ydgfb.default-1553941110074\Extensions\{8d9fbceb-756f-417a-a691-de9a2c1c5648}.xpi [2019-07-22] [UpdateUrl:hxxps://browser-addon.s3.amazonaws.com/prod/funkrazygames/updates.json]
FF Extension: (SearchOurGames ads) - C:\Users\jhauk\AppData\Roaming\Mozilla\Firefox\Profiles\ou4ydgfb.default-1553941110074\Extensions\{d51b14e2-4c5f-4601-b2b6-af8b572171cc}.xpi [2019-07-25] [UpdateUrl:hxxps://browser-addon.s3.amazonaws.com/prod/searchourgames/updates.json]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF Extension: (McAfee® WebAdvisor) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2019-07-19]
FF HKLM\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\McAfee\MSKHKLM => not found
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\McAfee\MSK
FF Extension: (McAfee Anti-Spam Thunderbird Extension) - C:\Program Files\McAfee\MSK [2019-07-25] [Legacy] [not signed]
FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\McAfee\MSC\npMcSnFFPl64.dll [2019-06-28] (McAfee, LLC. -> )
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-06-25] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll [2015-10-29] (CANON INC.) [File not signed]
FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\MSC\npMcSnFFPl.dll [2019-06-28] (McAfee, LLC. -> )
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2019-04-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-29] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-29] (Google Inc -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-05-02] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR StartupUrls: Default -> "hxxps://mail.google.com/mail/u/0/#inbox","hxxps://calendar.google.com/calendar/r?tab=mc","hxxps://www.facebook.com/"
CHR NewTab: Default -> Not-active:"chrome-extension://bcedopgbjnjfngcejdmkppbcmcgndpkg/newtab/quicknewtabpage.html"
CHR DefaultSearchURL: Default -> hxxps://www.searchencrypt.com/encsearch?q={searchTerms}
CHR DefaultSearchKeyword: Default -> se
CHR DefaultSuggestURL: Default -> hxxps://www.searchencrypt.com/encsuggest?q={searchTerms}
CHR Profile: C:\Users\jhauk\AppData\Local\Google\Chrome\User Data\Default [2019-07-30]
CHR Extension: (Slides) - C:\Users\jhauk\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-03-18]
CHR Extension: (Docs) - C:\Users\jhauk\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-03-18]
CHR Extension: (Google Drive) - C:\Users\jhauk\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-03-18]
CHR Extension: (Satellite Earth) - C:\Users\jhauk\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcedopgbjnjfngcejdmkppbcmcgndpkg [2019-07-25]
CHR Extension: (YouTube) - C:\Users\jhauk\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-03-18]
CHR Extension: (Sheets) - C:\Users\jhauk\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-03-18]
CHR Extension: (McAfee® WebAdvisor) - C:\Users\jhauk\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2019-04-25]
CHR Extension: (Google Docs Offline) - C:\Users\jhauk\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-03-18]
CHR Extension: (Search Encrypt) - C:\Users\jhauk\AppData\Local\Google\Chrome\User Data\Default\Extensions\gnlabkgljnlaidbnocfhgdeajcgmahml [2019-07-09]
CHR Extension: (MapsDrivingDirections) - C:\Users\jhauk\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjdjloakmpghjjkijglfmonejilicedl [2019-05-30]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\jhauk\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2019-03-18]
CHR Extension: (F.B.(FluffBusting)Purity) - C:\Users\jhauk\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmkinhboiljjkhaknpaeaicmdjhagpep [2019-07-30]
CHR Extension: (Chrome Web Store Payments) - C:\Users\jhauk\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-03-18]
CHR Extension: (Gmail) - C:\Users\jhauk\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-28]
CHR Extension: (Chrome Media Router) - C:\Users\jhauk\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-21]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AtherosSvc; C:\WINDOWS\System32\drivers\AdminService.exe [416064 2018-04-24] (Qualcomm Atheros -> Windows ® Win 7 DDK provider)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11413600 2019-06-26] (Microsoft Corporation -> Microsoft Corporation)
S3 ClientAnalyticsService; C:\Program Files\Common Files\McAfee\ClientAnalytics\Legacy\McClientAnalytics.exe [1511728 2017-09-21] (McAfee, Inc. -> McAfee, Inc.)
R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [209392 2019-02-28] (Dell Inc -> Dell Inc.)
R2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3363824 2019-02-28] (Dell Inc -> Dell Inc.)
R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [218096 2019-02-28] (Dell Inc -> Dell Inc.)
R2 Dell Hardware Support; C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.7033.2285\DSAPI.exe [1050952 2019-05-29] (PC-Doctor, Inc. -> PC-Doctor, Inc.)
R2 Dell SupportAssist Remediation; C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe [124568 2018-04-20] (Dell Inc -> Dell Inc.)
R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [35976 2018-11-12] (Dell Inc -> )
R2 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [715784 2015-05-07] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
S4 HfcDisableService; C:\WINDOWS\System32\DriverStore\FileRepository\iastorac.inf_amd64_77108672a20718cf\HfcDisableService.exe [1860784 2019-02-27] (Intel® Rapid Storage Technology -> Intel Corporation)
S3 iaStorAfsService; C:\WINDOWS\System32\iaStorAfsService.exe [2834096 2019-02-27] (Intel® Rapid Storage Technology -> Intel Corporation)
R2 IDriveService; C:\Program Files (x86)\IDriveWindows\id_service.exe [258744 2019-03-11] (Pro Softnet Corporation -> Prosoftnet)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\Intel® Management Engine Components\iCLS\SocketHeciServer.exe [775904 2018-09-14] (Intel® Trust Services -> Intel® Corporation)
S2 Intel® TPM Provisioning Service; C:\Program Files\Intel\Intel® Management Engine Components\iCLS\TPMProvisioningService.exe [705760 2018-09-14] (Intel® Trust Services -> Intel® Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [218176 2018-11-16] (Intel® Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [899264 2019-07-19] (McAfee, LLC -> McAfee, Inc.)
R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_19_5\McApExe.exe [747384 2019-06-19] (McAfee, LLC. -> McAfee, LLC)
S3 McAWFwk; C:\Program Files\Common Files\mcafee\actwiz\McAWFwk.exe [455584 2017-09-27] (McAfee, Inc. -> McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\3.1.286.0\\McCSPServiceHost.exe [2226608 2019-06-13] (McAfee, LLC. -> McAfee, LLC.)
S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [376992 2019-04-26] (McAfee, Inc. -> McAfee, LLC)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [609920 2019-04-26] (McAfee, Inc. -> McAfee, LLC)
R3 mfevtp; C:\Windows\system32\mfevtps.exe [542240 2019-04-26] (McAfee, Inc. -> McAfee, LLC)
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1700272 2019-06-04] (McAfee, LLC. -> McAfee, LLC.)
R2 PEFService; C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe [1361888 2019-06-13] (McAfee, LLC. -> McAfee, Inc.)
R2 RNDBWM; C:\Program Files\Rivet Networks\SmartByte\RNDBWMService.exe [64184 2018-12-04] (Rivet Networks LLC -> CloudBees, Inc.)
R2 RstMwService; C:\WINDOWS\System32\DriverStore\FileRepository\iastorac.inf_amd64_77108672a20718cf\RstMwService.exe [2115760 2019-02-27] (Intel® Rapid Storage Technology -> Intel Corporation)
R2 RtkAudioUniversalService; C:\WINDOWS\System32\RtkAudUService64.exe [834336 2019-02-26] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
R2 SmartByte Network Service x64; C:\Program Files\Rivet Networks\SmartByte\SmartByteNetworkService.exe [2114248 2018-12-04] (Rivet Networks LLC -> Rivet Networks)
R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [39896 2019-05-24] (Dell Inc. -> Dell Inc.)
R2 WavesSysSvc; C:\WINDOWS\System32\DriverStore\FileRepository\wavesapo75de.inf_amd64_5ff36f834a6d461a\WavesSysSvc64.exe [884616 2018-12-05] (Waves Inc -> Waves Audio Ltd.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3831576 2019-06-14] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [110944 2018-09-15] (Microsoft Corporation -> Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.237\WsAppService.exe [495720 2018-07-04] (Wondershare Technology Co.,Ltd -> Wondershare)
S3 WsDrvInst; C:\Program Files (x86)\Wondershare\TunesGo\DriverInstall.exe [107624 2018-12-13] (Wondershare Technology Co.,Ltd -> Wondershare)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 athr; C:\WINDOWS\System32\drivers\athw10x.sys [4322768 2018-11-15] (Qualcomm Atheros -> Qualcomm Atheros Communications, Inc.)
R3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [77360 2019-05-15] (McAfee, Inc. -> McAfee, LLC)
R3 DDDriver; C:\WINDOWS\System32\drivers\dddriver64Dcsa.sys [40824 2019-02-27] (Microsoft Windows Hardware Compatibility Publisher -> Dell Inc.)
S3 DellProf; C:\WINDOWS\system32\drivers\DellProf.sys [41208 2018-05-08] (Techporch Incorporated -> Dell Computer Corporation)
R1 googledrivefs2713; C:\WINDOWS\System32\DRIVERS\googledrivefs2713.sys [123736 2019-05-20] (Google LLC -> Google, Inc.)
R3 HfAudio; C:\WINDOWS\System32\drivers\HfAudio.sys [91200 2018-10-05] (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.)
S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [226984 2018-05-02] (McAfee, Inc. -> McAfee, Inc.)
R0 iaStorAC; C:\WINDOWS\System32\drivers\iaStorAC.sys [1018328 2019-02-27] (Intel® Rapid Storage Technology -> Intel Corporation)
S3 iaStorAfs; C:\WINDOWS\System32\drivers\iaStorAfs.sys [73904 2019-02-27] (Intel® Rapid Storage Technology -> Intel Corporation)
R3 mfeaack; C:\WINDOWS\System32\drivers\mfeaack.sys [523336 2019-05-15] (McAfee, Inc. -> McAfee, LLC)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [380976 2019-05-15] (McAfee, Inc. -> McAfee, LLC)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [86144 2019-05-15] (Microsoft Windows Early Launch Anti-malware Publisher -> McAfee, LLC)
R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [518192 2019-05-15] (McAfee, Inc. -> McAfee, LLC)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [991792 2019-05-15] (McAfee, Inc. -> McAfee, LLC)
R3 mfencbdc; C:\WINDOWS\System32\DRIVERS\mfencbdc.sys [565080 2019-05-02] (McAfee, Inc. -> McAfee LLC.)
S3 mfencrk; C:\WINDOWS\System32\DRIVERS\mfencrk.sys [108888 2019-05-02] (McAfee, Inc. -> McAfee LLC.)
R3 mfeplk; C:\WINDOWS\System32\drivers\mfeplk.sys [118320 2019-05-15] (McAfee, Inc. -> McAfee, LLC)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [254000 2019-05-15] (McAfee, Inc. -> McAfee, LLC)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [1010656 2017-11-20] (Realtek Semiconductor Corp. -> Realtek )
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [424384 2018-02-27] (Realtek Semiconductor Corp. -> Realsil Semiconductor Corporation)
R3 ScrHIDDriver2; C:\WINDOWS\System32\drivers\ScrHIDDriver2.sys [75800 2018-10-05] (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.)
R3 SmbCoSvc; C:\WINDOWS\system32\DRIVERS\SmbCo10X64.sys [120008 2018-12-04] (Rivet Networks LLC -> Rivet Networks, LLC.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46584 2018-09-15] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [340008 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [61992 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-07-30 10:40 - 2019-07-30 10:42 - 000034919 _____ C:\Users\jhauk\Desktop\FRST.txt
2019-07-30 10:39 - 2019-07-30 10:40 - 000000000 ____D C:\FRST
2019-07-30 10:38 - 2019-07-30 10:38 - 002096128 _____ (Farbar) C:\Users\jhauk\Desktop\FRST64.exe
2019-07-30 10:33 - 2019-07-30 10:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2019-07-30 07:20 - 2019-07-30 07:20 - 001148139 _____ C:\Users\jhauk\Documents\aukerman20190730 (2019-07-30).rmgb
2019-07-30 07:16 - 2019-07-30 10:42 - 004630528 _____ C:\Users\jhauk\Documents\aukerman20190730.rmgc
2019-07-30 07:16 - 2019-07-30 07:16 - 000000489 _____ C:\Users\jhauk\Documents\aukerman20190730.LST
2019-07-29 07:00 - 2019-07-29 07:14 - 000000000 ____D C:\ProgramData\Garmin
2019-07-29 07:00 - 2019-07-29 07:01 - 000000000 ____D C:\Users\jhauk\AppData\Local\Garmin_Ltd._or_its_subsid
2019-07-29 07:00 - 2019-07-29 07:00 - 000000000 ____D C:\Users\jhauk\AppData\Roaming\Garmin
2019-07-29 07:00 - 2019-07-29 07:00 - 000000000 ____D C:\Program Files\DIFX
2019-07-29 06:59 - 2019-07-29 07:00 - 000000000 ____D C:\Program Files (x86)\Garmin
2019-07-29 06:59 - 2019-07-29 06:59 - 000003624 _____ C:\WINDOWS\System32\Tasks\GarminUpdaterTask
2019-07-29 06:59 - 2019-07-29 06:59 - 000001965 _____ C:\Users\Public\Desktop\Garmin Express.lnk
2019-07-29 06:59 - 2019-07-29 06:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
2019-07-25 01:09 - 2019-05-02 23:28 - 000565080 _____ (McAfee LLC.) C:\WINDOWS\SMSS-PFRO7e19.tmp
2019-07-25 01:08 - 2019-07-25 01:08 - 000003316 _____ C:\WINDOWS\System32\Tasks\McAfeeLogon
2019-07-25 01:06 - 2019-05-15 16:46 - 000523336 _____ (McAfee, LLC) C:\WINDOWS\system32\Drivers\mfeaack.sys
2019-07-25 01:06 - 2019-05-15 16:46 - 000118320 _____ (McAfee, LLC) C:\WINDOWS\system32\Drivers\mfeplk.sys
2019-07-25 01:06 - 2019-04-26 12:02 - 000542240 _____ (McAfee, LLC) C:\WINDOWS\system32\mfevtps.exe
2019-07-22 06:58 - 2019-07-22 06:58 - 004593298 _____ C:\Users\jhauk\Desktop\Succession planning NP WebAdvisors Dec 2018 v2.pptx
2019-07-21 07:19 - 2019-07-21 07:19 - 000001787 _____ C:\Users\jhauk\Downloads\Untitled9780525555353 (2).acsm
2019-07-20 06:36 - 2019-07-22 05:38 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-07-19 06:40 - 2019-07-19 06:40 - 000001787 _____ C:\Users\jhauk\Downloads\Untitled9780525555353.acsm
2019-07-19 06:40 - 2019-07-19 06:40 - 000001787 _____ C:\Users\jhauk\Downloads\Untitled9780525555353 (1).acsm
2019-07-18 07:06 - 2019-07-18 07:06 - 000000000 ____D C:\Users\jhauk\AppData\Local\4kdownload.com
2019-07-18 07:05 - 2019-07-18 07:05 - 000000966 _____ C:\Users\jhauk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\4K Video Downloader.lnk
2019-07-18 07:05 - 2019-07-18 07:05 - 000000000 ____D C:\Program Files\4KDownload
2019-07-18 06:04 - 2019-07-18 06:04 - 000000000 ____D C:\Users\jhauk\AppData\Local\Deployment
2019-07-18 06:04 - 2019-07-18 06:04 - 000000000 ____D C:\Users\jhauk\AppData\Local\Apps\2.0
2019-07-18 06:04 - 2019-07-18 06:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2019-07-18 06:04 - 2019-07-18 06:04 - 000000000 ____D C:\Program Files\Common Files\Adobe
2019-07-18 06:04 - 2019-07-18 06:04 - 000000000 ____D C:\Program Files\Adobe
2019-07-18 06:03 - 2019-07-18 06:03 - 000000000 ____D C:\Program Files\Logitech
2019-07-11 00:05 - 2019-07-11 00:05 - 000003380 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1015540938-3996997567-1391499832-1001
2019-07-11 00:05 - 2019-07-11 00:05 - 000002369 _____ C:\Users\jhauk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-07-10 08:58 - 2019-07-10 08:58 - 020816384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-07-10 08:58 - 2019-07-10 08:58 - 019012096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-07-10 08:58 - 2019-07-10 08:58 - 012243968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-07-10 08:58 - 2019-07-10 08:58 - 008900608 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2019-07-10 08:58 - 2019-07-10 08:58 - 007921664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2019-07-10 08:58 - 2019-07-10 08:58 - 007727336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2019-07-10 08:58 - 2019-07-10 08:58 - 006068224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-07-10 08:58 - 2019-07-10 08:58 - 005436696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-07-10 08:58 - 2019-07-10 08:58 - 005115384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2019-07-10 08:58 - 2019-07-10 08:58 - 004880896 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-07-10 08:58 - 2019-07-10 08:58 - 003738624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-07-10 08:58 - 2019-07-10 08:58 - 003550384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2019-07-10 08:58 - 2019-07-10 08:58 - 002942464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2019-07-10 08:58 - 2019-07-10 08:58 - 002469432 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2019-07-10 08:58 - 2019-07-10 08:58 - 002393088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2019-07-10 08:58 - 2019-07-10 08:58 - 002323688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2019-07-10 08:58 - 2019-07-10 08:58 - 002096128 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2019-07-10 08:58 - 2019-07-10 08:58 - 002017280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2019-07-10 08:58 - 2019-07-10 08:58 - 002013696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2019-07-10 08:58 - 2019-07-10 08:58 - 001751040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2019-07-10 08:58 - 2019-07-10 08:58 - 001266192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-07-10 08:58 - 2019-07-10 08:58 - 001254400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOE.DLL
2019-07-10 08:58 - 2019-07-10 08:58 - 001132032 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2019-07-10 08:58 - 2019-07-10 08:58 - 000898048 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2019-07-10 08:58 - 2019-07-10 08:58 - 000833024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-07-10 08:58 - 2019-07-10 08:58 - 000798736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2019-07-10 08:58 - 2019-07-10 08:58 - 000773120 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2019-07-10 08:58 - 2019-07-10 08:58 - 000747568 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOE.DLL
2019-07-10 08:58 - 2019-07-10 08:58 - 000743216 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL
2019-07-10 08:58 - 2019-07-10 08:58 - 000742912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceControl.dll
2019-07-10 08:58 - 2019-07-10 08:58 - 000703488 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-07-10 08:58 - 2019-07-10 08:58 - 000687896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOE.DLL
2019-07-10 08:58 - 2019-07-10 08:58 - 000673520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL
2019-07-10 08:58 - 2019-07-10 08:58 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
2019-07-10 08:58 - 2019-07-10 08:58 - 000663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-07-10 08:58 - 2019-07-10 08:58 - 000642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedRealitySvc.dll
2019-07-10 08:58 - 2019-07-10 08:58 - 000573440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfh264enc.dll
2019-07-10 08:58 - 2019-07-10 08:58 - 000560128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfh264enc.dll
2019-07-10 08:58 - 2019-07-10 08:58 - 000525824 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2019-07-10 08:58 - 2019-07-10 08:58 - 000430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2019-07-10 08:58 - 2019-07-10 08:58 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2019-07-10 08:58 - 2019-07-10 08:58 - 000362496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2019-07-10 08:58 - 2019-07-10 08:58 - 000349696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2019-07-10 08:58 - 2019-07-10 08:58 - 000311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapibase.dll
2019-07-10 08:58 - 2019-07-10 08:58 - 000291328 _____ (Microsoft Corporation) C:\WINDOWS\system32\CXHProvisioningServer.dll
2019-07-10 08:58 - 2019-07-10 08:58 - 000290304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\MbbCx.sys
2019-07-10 08:58 - 2019-07-10 08:58 - 000263360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2019-07-10 08:58 - 2019-07-10 08:58 - 000157696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2019-07-10 08:58 - 2019-07-10 08:58 - 000148480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fsutil.exe
2019-07-10 08:58 - 2019-07-10 08:58 - 000137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceAgent.exe
2019-07-10 08:58 - 2019-07-10 08:58 - 000092592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpfve.sys
2019-07-10 08:58 - 2019-07-10 08:58 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2019-07-10 08:58 - 2019-07-10 08:58 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2019-07-10 08:57 - 2019-07-10 08:58 - 012938752 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 026808320 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 023454208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 022115472 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 015221248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 009683472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-07-10 08:57 - 2019-07-10 08:57 - 007884288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 007876096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 007645600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 006925312 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 006545304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 006441472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 006308232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 005764608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 005587976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 005566464 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 005561312 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 005528064 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 005297664 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 004588752 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-07-10 08:57 - 2019-07-10 08:57 - 004303872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 004056576 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 003818416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2019-07-10 08:57 - 2019-07-10 08:57 - 003656192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 003636224 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-07-10 08:57 - 2019-07-10 08:57 - 003630592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Service.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 003427328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 003385856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 003363640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-07-10 08:57 - 2019-07-10 08:57 - 003081728 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 002982400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 002871816 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2019-07-10 08:57 - 2019-07-10 08:57 - 002778760 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 002714624 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 002701000 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 002693120 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 002626872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-07-10 08:57 - 2019-07-10 08:57 - 002421760 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-07-10 08:57 - 2019-07-10 08:57 - 002278784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 002189312 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 002073472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 002050048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 001994760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 001966904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2019-07-10 08:57 - 2019-07-10 08:57 - 001903616 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 001863168 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 001837136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 001794048 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdprt.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 001763328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 001721352 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 001702088 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-07-10 08:57 - 2019-07-10 08:57 - 001701888 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 001668752 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 001622016 _____ (Microsoft Corporation) C:\WINDOWS\system32\vssapi.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 001605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 001516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2019-07-10 08:57 - 2019-07-10 08:57 - 001484800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 001477648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 001472808 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-07-10 08:57 - 2019-07-10 08:57 - 001466368 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 001465464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 001427592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 001345168 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-07-10 08:57 - 2019-07-10 08:57 - 001316352 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 001309696 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 001259520 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 001257472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 001223168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdprt.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 001182448 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-07-10 08:57 - 2019-07-10 08:57 - 001162320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 001160704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 001159168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vssapi.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 001145856 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 001125416 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 001075712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 001054928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-07-10 08:57 - 2019-07-10 08:57 - 001052672 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 001038336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 001010688 _____ (Microsoft Corporation) C:\WINDOWS\system32\refsutil.exe
2019-07-10 08:57 - 2019-07-10 08:57 - 000998928 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2019-07-10 08:57 - 2019-07-10 08:57 - 000988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 000964608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 000956416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 000949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 000912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 000863544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2019-07-10 08:57 - 2019-07-10 08:57 - 000833536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 000833024 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 000828728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2019-07-10 08:57 - 2019-07-10 08:57 - 000810504 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 000807480 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2019-07-10 08:57 - 2019-07-10 08:57 - 000804744 _____ (Microsoft Corporation) C:\WINDOWS\system32\BioIso.exe
2019-07-10 08:57 - 2019-07-10 08:57 - 000800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 000791040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 000771584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2019-07-10 08:57 - 2019-07-10 08:57 - 000740664 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 000730936 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 000682496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 000664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 000660032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2019-07-10 08:57 - 2019-07-10 08:57 - 000652528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 000645120 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 000637968 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 000626176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 000617784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 000616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 000594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 000579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 000553992 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 000553472 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 000547840 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuietHours.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 000532992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 000519168 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 000514136 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 000514048 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 000513536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 000487936 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 000485376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 000465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\slui.exe
2019-07-10 08:57 - 2019-07-10 08:57 - 000464912 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 000463872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 000461824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 000449024 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 000447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2019-07-10 08:57 - 2019-07-10 08:57 - 000439096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2019-07-10 08:57 - 2019-07-10 08:57 - 000436024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2019-07-10 08:57 - 2019-07-10 08:57 - 000431416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2019-07-10 08:57 - 2019-07-10 08:57 - 000425984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 000414720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2019-07-10 08:57 - 2019-07-10 08:57 - 000414208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 000408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 000397688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 000365056 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 000359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2019-07-10 08:57 - 2019-07-10 08:57 - 000351432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 000347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 000333128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 000327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.internal.shellcommon.shareexperience.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 000324624 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 000323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcommdlg.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 000309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 000294912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2019-07-10 08:57 - 2019-07-10 08:57 - 000293888 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 000291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 000279920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 000278528 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmd.exe
2019-07-10 08:57 - 2019-07-10 08:57 - 000262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\DesktopSwitcherDataModel.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 000260096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 000239616 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsbas.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cmd.exe
2019-07-10 08:57 - 2019-07-10 08:57 - 000220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Radios.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 000219448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeManagerObj.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 000201528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2019-07-10 08:57 - 2019-07-10 08:57 - 000188416 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMPushRouterCore.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 000183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\fsutil.exe
2019-07-10 08:57 - 2019-07-10 08:57 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 000177152 _____ (Microsoft Corporation) C:\WINDOWS\system32\spacebridge.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 000176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmvdsitf.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 000175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\NcaSvc.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 000164368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2019-07-10 08:57 - 2019-07-10 08:57 - 000157024 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 000156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Radios.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 000151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmvdsitf.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 000149232 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingUI.exe
2019-07-10 08:57 - 2019-07-10 08:57 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 000138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppc.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 000137864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 000121896 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdnet.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 000115120 _____ (Microsoft Corporation) C:\WINDOWS\system32\phoneactivate.exe
2019-07-10 08:57 - 2019-07-10 08:57 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 000093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2019-07-10 08:57 - 2019-07-10 08:57 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompMgmtLauncher.exe
2019-07-10 08:57 - 2019-07-10 08:57 - 000071696 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 000071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 000054272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2019-07-10 08:57 - 2019-07-10 08:57 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpgradeResultsUI.exe
2019-07-10 08:57 - 2019-07-10 08:57 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\spaceman.exe
2019-07-10 08:56 - 2019-07-10 08:57 - 017484800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-07-10 08:56 - 2019-07-10 08:56 - 007687784 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-07-10 08:56 - 2019-07-10 08:56 - 004351448 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2019-07-10 08:56 - 2019-07-10 08:56 - 003335216 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-07-10 08:56 - 2019-07-10 08:56 - 002766136 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2019-07-10 08:56 - 2019-07-10 08:56 - 002706432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-07-10 08:56 - 2019-07-10 08:56 - 002645504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2019-07-10 08:56 - 2019-07-10 08:56 - 002633216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2019-07-10 08:56 - 2019-07-10 08:56 - 002593336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2019-07-10 08:56 - 2019-07-10 08:56 - 002085376 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2019-07-10 08:56 - 2019-07-10 08:56 - 001929728 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2019-07-10 08:56 - 2019-07-10 08:56 - 001893376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2019-07-10 08:56 - 2019-07-10 08:56 - 001676288 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2019-07-10 08:56 - 2019-07-10 08:56 - 001674752 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-07-10 08:56 - 2019-07-10 08:56 - 001662480 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2019-07-10 08:56 - 2019-07-10 08:56 - 001321784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2019-07-10 08:56 - 2019-07-10 08:56 - 001308672 _____ (Microsoft Corporation) C:\WINDOWS\system32\TaskFlowDataEngine.dll
2019-07-10 08:56 - 2019-07-10 08:56 - 001253688 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-07-10 08:56 - 2019-07-10 08:56 - 001225216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2019-07-10 08:56 - 2019-07-10 08:56 - 001208320 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-07-10 08:56 - 2019-07-10 08:56 - 001199616 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2019-07-10 08:56 - 2019-07-10 08:56 - 001052984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
2019-07-10 08:56 - 2019-07-10 08:56 - 001048592 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-07-10 08:56 - 2019-07-10 08:56 - 001043968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOE.DLL
2019-07-10 08:56 - 2019-07-10 08:56 - 001007616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2019-07-10 08:56 - 2019-07-10 08:56 - 000987736 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2019-07-10 08:56 - 2019-07-10 08:56 - 000971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-07-10 08:56 - 2019-07-10 08:56 - 000895552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2019-07-10 08:56 - 2019-07-10 08:56 - 000871784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2019-07-10 08:56 - 2019-07-10 08:56 - 000865272 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2019-07-10 08:56 - 2019-07-10 08:56 - 000850992 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-07-10 08:56 - 2019-07-10 08:56 - 000816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\PEAuth.sys
2019-07-10 08:56 - 2019-07-10 08:56 - 000799776 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2019-07-10 08:56 - 2019-07-10 08:56 - 000774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2019-07-10 08:56 - 2019-07-10 08:56 - 000773120 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2019-07-10 08:56 - 2019-07-10 08:56 - 000770096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2019-07-10 08:56 - 2019-07-10 08:56 - 000768224 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2019-07-10 08:56 - 2019-07-10 08:56 - 000758896 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-07-10 08:56 - 2019-07-10 08:56 - 000756224 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2019-07-10 08:56 - 2019-07-10 08:56 - 000749568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2019-07-10 08:56 - 2019-07-10 08:56 - 000731104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2019-07-10 08:56 - 2019-07-10 08:56 - 000680176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2019-07-10 08:56 - 2019-07-10 08:56 - 000652296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2019-07-10 08:56 - 2019-07-10 08:56 - 000651792 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-07-10 08:56 - 2019-07-10 08:56 - 000607744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2019-07-10 08:56 - 2019-07-10 08:56 - 000580024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2019-07-10 08:56 - 2019-07-10 08:56 - 000541184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2019-07-10 08:56 - 2019-07-10 08:56 - 000527872 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-07-10 08:56 - 2019-07-10 08:56 - 000521728 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2019-07-10 08:56 - 2019-07-10 08:56 - 000513544 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2019-07-10 08:56 - 2019-07-10 08:56 - 000511504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2019-07-10 08:56 - 2019-07-10 08:56 - 000506408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2019-07-10 08:56 - 2019-07-10 08:56 - 000482104 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2019-07-10 08:56 - 2019-07-10 08:56 - 000470528 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2019-07-10 08:56 - 2019-07-10 08:56 - 000467984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2019-07-10 08:56 - 2019-07-10 08:56 - 000425472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2019-07-10 08:56 - 2019-07-10 08:56 - 000423480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2019-07-10 08:56 - 2019-07-10 08:56 - 000415752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2019-07-10 08:56 - 2019-07-10 08:56 - 000388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-07-10 08:56 - 2019-07-10 08:56 - 000349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2019-07-10 08:56 - 2019-07-10 08:56 - 000346624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2019-07-10 08:56 - 2019-07-10 08:56 - 000310288 _____ (Microsoft Corporation) C:\WINDOWS\system32\computestorage.dll
2019-07-10 08:56 - 2019-07-10 08:56 - 000305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2019-07-10 08:56 - 2019-07-10 08:56 - 000298296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2019-07-10 08:56 - 2019-07-10 08:56 - 000294000 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2019-07-10 08:56 - 2019-07-10 08:56 - 000292152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2019-07-10 08:56 - 2019-07-10 08:56 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkssvc.dll
2019-07-10 08:56 - 2019-07-10 08:56 - 000281600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2019-07-10 08:56 - 2019-07-10 08:56 - 000274432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2019-07-10 08:56 - 2019-07-10 08:56 - 000263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiCloudStore.dll
2019-07-10 08:56 - 2019-07-10 08:56 - 000241944 _____ (Microsoft Corporation) C:\WINDOWS\system32\IPHLPAPI.DLL
2019-07-10 08:56 - 2019-07-10 08:56 - 000240128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2019-07-10 08:56 - 2019-07-10 08:56 - 000216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2019-07-10 08:56 - 2019-07-10 08:56 - 000212792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2019-07-10 08:56 - 2019-07-10 08:56 - 000203272 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2019-07-10 08:56 - 2019-07-10 08:56 - 000198456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
2019-07-10 08:56 - 2019-07-10 08:56 - 000197832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IPHLPAPI.DLL
2019-07-10 08:56 - 2019-07-10 08:56 - 000192824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2019-07-10 08:56 - 2019-07-10 08:56 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spacebridge.dll
2019-07-10 08:56 - 2019-07-10 08:56 - 000163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2019-07-10 08:56 - 2019-07-10 08:56 - 000141216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2019-07-10 08:56 - 2019-07-10 08:56 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2019-07-10 08:56 - 2019-07-10 08:56 - 000132608 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2019-07-10 08:56 - 2019-07-10 08:56 - 000119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll
2019-07-10 08:56 - 2019-07-10 08:56 - 000117720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2019-07-10 08:56 - 2019-07-10 08:56 - 000111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2019-07-10 08:56 - 2019-07-10 08:56 - 000095544 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2019-07-10 08:56 - 2019-07-10 08:56 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2019-07-10 08:56 - 2019-07-10 08:56 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys
2019-07-10 08:56 - 2019-07-10 08:56 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2019-07-10 08:56 - 2019-07-10 08:56 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcimage.dll
2019-07-10 08:56 - 2019-07-10 08:56 - 000036360 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2019-07-10 08:56 - 2019-07-10 08:56 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2019-07-10 08:56 - 2019-07-10 08:56 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2019-07-10 08:56 - 2019-07-10 08:56 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2019-07-10 08:56 - 2019-07-10 08:56 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2019-07-10 08:56 - 2019-07-10 08:56 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2019-07-10 08:56 - 2019-07-10 08:56 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2019-07-10 08:56 - 2019-07-10 08:56 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2019-07-10 08:56 - 2019-07-10 08:56 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2019-07-09 06:44 - 2019-07-09 06:44 - 004863032 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2019-07-06 09:36 - 2019-07-06 09:36 - 010588523 _____ C:\Users\jhauk\Documents\FUNK (2019-07-06).rmgb
2019-07-06 07:39 - 2019-07-06 07:40 - 000267821 _____ C:\Users\jhauk\Documents\ACKERMAN (2019-07-06).rmgb
2019-07-06 07:38 - 2019-07-06 07:38 - 009888703 _____ C:\Users\jhauk\Documents\menges (2019-07-06).rmgb
2019-07-06 07:38 - 2019-07-06 07:38 - 000269590 _____ C:\Users\jhauk\Documents\renner (2019-07-06).rmgb
2019-07-06 07:37 - 2019-07-06 07:37 - 002242471 _____ C:\Users\jhauk\Documents\leehouse (2019-07-06).rmgb
2019-07-06 07:37 - 2019-07-06 07:37 - 000286953 _____ C:\Users\jhauk\Documents\hladmitchell (2019-07-06).rmgb
2019-07-06 07:37 - 2019-07-06 07:37 - 000259010 _____ C:\Users\jhauk\Documents\huff (2019-07-06).rmgb
2019-07-06 07:37 - 2019-07-06 07:37 - 000241343 _____ C:\Users\jhauk\Documents\rand (2019-07-06).rmgb
2019-07-06 07:35 - 2019-07-29 10:59 - 001932288 _____ C:\Users\jhauk\Documents\woodrum.rmgc
2019-07-06 07:35 - 2019-07-06 07:35 - 000000457 _____ C:\Users\jhauk\Documents\woodrum.LST
2019-07-06 07:35 - 2019-07-06 07:35 - 000000359 _____ C:\Users\jhauk\Documents\renner.LST
2019-07-06 07:34 - 2019-07-29 10:59 - 001466368 _____ C:\Users\jhauk\Documents\renner.rmgc
2019-07-06 07:34 - 2019-07-29 10:59 - 001362944 _____ C:\Users\jhauk\Documents\rand.rmgc
2019-07-06 07:34 - 2019-07-06 07:34 - 000000357 _____ C:\Users\jhauk\Documents\rand.LST
2019-07-06 07:33 - 2019-07-29 10:59 - 035849216 _____ C:\Users\jhauk\Documents\menges.rmgc
2019-07-06 07:33 - 2019-07-06 07:33 - 000000359 _____ C:\Users\jhauk\Documents\menges.LST
2019-07-06 07:32 - 2019-07-29 10:58 - 007145472 _____ C:\Users\jhauk\Documents\leehouse.rmgc
2019-07-06 07:32 - 2019-07-29 10:58 - 001427456 _____ C:\Users\jhauk\Documents\huff.rmgc
2019-07-06 07:32 - 2019-07-06 07:32 - 000000428 _____ C:\Users\jhauk\Documents\leehouse.LST
2019-07-06 07:32 - 2019-07-06 07:32 - 000000357 _____ C:\Users\jhauk\Documents\huff.LST
2019-07-06 07:31 - 2019-07-29 10:58 - 001537024 _____ C:\Users\jhauk\Documents\hladmitchell.rmgc
2019-07-06 07:31 - 2019-07-06 07:31 - 000000365 _____ C:\Users\jhauk\Documents\hladmitchell.LST
2019-07-06 07:23 - 2019-07-06 07:41 - 000314951 _____ C:\Users\jhauk\Documents\gordon (2019-07-06).rmgb
2019-07-06 07:23 - 2019-07-06 07:23 - 000000359 _____ C:\Users\jhauk\Documents\gordon.LST
2019-07-06 07:22 - 2019-07-29 10:56 - 001619968 _____ C:\Users\jhauk\Documents\gordon.rmgc
2019-07-04 16:59 - 2019-07-04 16:59 - 000266935 _____ C:\Users\jhauk\Documents\ACKERMAN (2019-07-04).rmgb
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-07-30 10:42 - 2018-09-15 03:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-07-30 10:34 - 2019-03-18 10:16 - 000000000 ____D C:\ProgramData\IDrive
2019-07-30 10:33 - 2019-03-18 09:43 - 000000000 ____D C:\Users\jhauk\AppData\LocalLow\Mozilla
2019-07-30 10:33 - 2018-09-15 03:31 - 000000000 ____D C:\WINDOWS\INF
2019-07-30 10:32 - 2019-03-18 12:25 - 000000000 ____D C:\Users\jhauk\AppData\Local\D3DSCache
2019-07-30 10:30 - 2019-04-03 13:02 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-07-30 10:30 - 2019-04-03 12:42 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-07-30 10:19 - 2018-09-15 03:33 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-07-30 10:11 - 2019-04-03 12:55 - 000842664 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-07-30 09:59 - 2018-09-15 03:33 - 000000000 ____D C:\WINDOWS\Registration
2019-07-30 09:57 - 2019-04-03 13:02 - 000000000 ____D C:\WINDOWS\System32\Tasks\McAfee
2019-07-30 09:56 - 2018-11-21 03:36 - 000000000 ____D C:\Program Files (x86)\McAfee
2019-07-30 07:39 - 2018-09-15 03:33 - 000000000 ___HD C:\Program Files\WindowsApps
2019-07-30 07:15 - 2019-04-08 06:46 - 039351296 _____ C:\Users\jhauk\Documents\FUNK.rmgc
2019-07-30 06:46 - 2019-04-09 06:11 - 000000000 ____D C:\Users\jhauk\Desktop\to post
2019-07-30 06:14 - 2018-09-15 02:09 - 000008192 _____ C:\WINDOWS\system32\config\ELAM
2019-07-30 00:54 - 2019-03-18 18:50 - 000000000 ____D C:\Users\jhauk\Documents\Bren
2019-07-29 10:51 - 2019-03-19 17:02 - 001378304 _____ C:\Users\jhauk\Documents\ACKERMAN.rmgc
2019-07-29 06:59 - 2018-11-21 03:26 - 000000000 ____D C:\ProgramData\Package Cache
2019-07-29 02:31 - 2019-06-25 05:53 - 000000000 ____D C:\Users\Public\Logi
2019-07-25 07:52 - 2018-11-21 03:36 - 000000000 ____D C:\ProgramData\McAfee
2019-07-25 05:57 - 2019-03-18 09:26 - 000000000 ____D C:\Users\jhauk\AppData\Local\Packages
2019-07-25 01:09 - 2018-11-21 03:36 - 000000000 ____D C:\Program Files\Common Files\mcafee
2019-07-25 01:07 - 2018-09-15 03:33 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-07-24 07:04 - 2019-03-19 05:21 - 000000000 ____D C:\Users\Aukerman\Desktop\John
2019-07-23 10:10 - 2019-04-03 13:02 - 000003710 _____ C:\WINDOWS\System32\Tasks\McAfee Remediation (Prepare)
2019-07-22 05:38 - 2019-03-18 09:43 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-07-20 21:54 - 2019-03-18 09:43 - 000001007 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-07-20 11:51 - 2019-03-18 09:28 - 000000000 ____D C:\Users\jhauk\AppData\Local\PlaceholderTileLogoFolder
2019-07-19 05:56 - 2019-03-20 13:53 - 000000000 ____D C:\Users\jhauk\AppData\Local\ElevatedDiagnostics
2019-07-18 07:09 - 2019-03-18 18:57 - 000000000 ____D C:\Users\jhauk\Desktop\John
2019-07-16 22:46 - 2019-03-18 09:35 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-07-16 00:42 - 2019-03-27 11:34 - 000000000 ____D C:\Users\jhauk\Desktop\Lou Ann - Choruses; Print-Scan to jpg, print to pdf
2019-07-15 22:33 - 2019-03-18 10:09 - 000002094 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Drive File Stream.lnk
2019-07-15 00:36 - 2019-04-03 12:46 - 000000000 ____D C:\Users\jhauk
2019-07-12 23:10 - 2019-04-02 08:43 - 000000000 ____D C:\Program Files\Microsoft Office
2019-07-11 05:15 - 2019-03-18 09:26 - 000000000 ___RD C:\Users\jhauk\3D Objects
2019-07-11 05:15 - 2018-11-21 04:09 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-07-11 05:14 - 2019-05-11 07:46 - 000464648 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-07-11 00:29 - 2018-09-15 02:09 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-07-11 00:28 - 2018-09-15 03:33 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2019-07-11 00:28 - 2018-09-15 03:33 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2019-07-11 00:28 - 2018-09-15 03:33 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-07-11 00:28 - 2018-09-15 03:33 - 000000000 ____D C:\WINDOWS\system32\appraiser
2019-07-11 00:28 - 2018-09-15 03:33 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-07-11 00:28 - 2018-09-15 03:33 - 000000000 ____D C:\WINDOWS\ShellComponents
2019-07-11 00:28 - 2018-09-15 03:33 - 000000000 ____D C:\WINDOWS\Provisioning
2019-07-11 00:28 - 2018-09-15 03:33 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-07-11 00:28 - 2018-09-15 02:09 - 000000000 ____D C:\WINDOWS\system32\Dism
2019-07-11 00:05 - 2019-03-18 09:31 - 000000000 ___RD C:\Users\jhauk\OneDrive
2019-07-10 09:07 - 2018-09-15 03:23 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-07-10 09:05 - 2019-03-19 06:00 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-07-10 09:02 - 2019-03-19 06:00 - 136618864 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-07-09 06:44 - 2019-04-03 13:02 - 000004600 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2019-07-09 06:44 - 2018-09-15 03:33 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2019-07-09 06:44 - 2018-09-15 03:33 - 000000000 ____D C:\WINDOWS\system32\Macromed
2019-07-04 06:20 - 2019-03-18 12:14 - 000000000 ____D C:\Users\jhauk\AppData\Roaming\Audacity
2019-07-03 07:20 - 2019-03-18 18:51 - 000000000 ____D C:\Users\jhauk\Documents\John
2019-07-01 06:20 - 2018-09-15 03:33 - 000000000 ____D C:\WINDOWS\LiveKernelReports
==================== Files in the root of some directories ================
2003-11-10 16:27 - 2003-11-10 16:26 - 000376884 _____ () C:\Program Files\image001.bmp
==================== FLock ================
2019-04-03 12:43 C:\Recovery
==================== SigCheck ===============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-07-2019
Ran by jhauk (30-07-2019 10:42:53)
Running from C:\Users\jhauk\Desktop
Windows 10 Home Version 1809 17763.615 (X64) (2019-04-03 17:03:32)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1015540938-3996997567-1391499832-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1015540938-3996997567-1391499832-503 - Limited - Disabled)
Guest (S-1-5-21-1015540938-3996997567-1391499832-501 - Limited - Disabled)
jhauk (S-1-5-21-1015540938-3996997567-1391499832-1001 - Administrator - Enabled) => C:\Users\jhauk
WDAGUtilityAccount (S-1-5-21-1015540938-3996997567-1391499832-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee VirusScan (Enabled - Up to date) {F682A51C-4EAD-6A3A-F460-B9C1D4A2DB09}
AS: McAfee VirusScan (Enabled - Up to date) {4DE344F8-6897-65B4-CED0-82B3AF2591B4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
4K Video Downloader 4.8 (HKLM\...\{2FA2F521-494C-4E8F-8C30-3D3E81590413}) (Version: 4.8.0.2852 - Open Media LLC)
AceMoney (HKLM-x32\...\AceMoney_is1) (Version: - MechCAD Software)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 19.012.20035 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.223 - Adobe)
ANT Drivers Installer x64 (HKLM\...\{3C776B0F-D46B-492A-A1A2-D413FA432AA6}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Audacity 2.0.3 (HKLM-x32\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
Canon IJ Network Scan Utility (HKLM-x32\...\Canon_IJ_Network_Scan_UTILITY) (Version: - )
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: - )
Canon MP970 series (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP970_series) (Version: - )
Canon My Image Garden (HKLM-x32\...\Canon My Image Garden) (Version: 3.5.2 - Canon Inc.)
Canon My Image Garden Design Files (HKLM-x32\...\Canon My Image Garden Design Files) (Version: 3.5.2 - Canon Inc.)
Dell Digital Delivery Service (HKLM-x32\...\{DD47FCB3-5038-40CE-A02A-85F51BA03F37}) (Version: 3.6.1012.0 - Dell Products, LP)
Dell Mobile Connect Drivers (HKLM\...\{04DF02C6-E3D7-4D26-A44C-6F8A2E218D2C}) (Version: 1.3.6844 - Screenovate Technologies Ltd.)
Dell SupportAssist (HKLM\...\{806422F1-FC4E-4D7C-8855-05748AEFC031}) (Version: 3.2.2.119 - Dell Inc.)
Dell SupportAssist Remediation (HKLM\...\{2B2C47D2-F037-4C03-B599-07D7AFE8DD54}) (Version: 3.3.0.4943 - Dell Inc.) Hidden
Dell SupportAssist Remediation (HKLM-x32\...\{8ce1a5ae-856e-4b8e-a0e8-27dd7a209276}) (Version: 3.3.0.4943 - Dell Inc.)
Dell Update - SupportAssist Update Plugin (HKLM\...\{7994281D-063E-4A04-9F18-76732CF6765F}) (Version: 3.3.0.4943 - Dell Inc.) Hidden
Dell Update - SupportAssist Update Plugin (HKLM-x32\...\{2cabaef5-a71d-4331-8ba5-16ab64ffc2bb}) (Version: 3.3.0.4943 - Dell Inc.)
Dell Update for Windows 10 (HKLM\...\{70E9F8CC-A23E-4C25-B292-C86C1821587C}) (Version: 3.0.1 - Dell, Inc.)
Elevated Installer (HKLM-x32\...\{536854BE-161A-45E3-8119-9C5170622594}) (Version: 4.0.20.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM-x32\...\{2D202D2F-C6F4-4D96-A93F-3BDA7519DE5D}) (Version: 4.0.20.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM-x32\...\{cc3a3e9f-5960-4162-9538-497b3a82b52e}) (Version: 4.0.20.0 - Garmin Ltd or its subsidiaries)
Garmin Express Tray (HKLM-x32\...\{48EDC72D-3A74-4F6C-9DD2-B8DF3E63B4AB}) (Version: 4.0.20.0 - Garmin Ltd or its subsidiaries) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 75.0.3770.142 - Google LLC)
Google Drive File Stream (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 32.0.11.0 - Google, Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
IDrive Version - 6.7 (HKLM-x32\...\IDrive_is1) (Version: 6.0 - Pro Softnet Corp)
Intel® Chipset Device Software (HKLM-x32\...\{70281077-96c3-4f75-938c-dc4746110c00}) (Version: 10.1.17903.8106 - Intel® Corporation)
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 1846.12.0.1177 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 23.20.16.5017 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 17.2.4.1011 - Intel Corporation)
Intel® Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.50.638.1 - Intel Corporation) Hidden
Intel® Trusted Connect Services Client (HKLM-x32\...\{99ee3c29-c7cd-450f-8db9-d43cc49de1c7}) (Version: 1.50.638.1 - Intel Corporation) Hidden
Intel® Optane™ Pinning Explorer Extensions (HKLM\...\{C81FD018-F151-460F-B4F9-0D58039503E2}) (Version: 17.2.4.9002 - Intel Corporation)
Jihosoft Phone Transfer version 3.4.2.0 (HKLM-x32\...\{116B8806-B959-4600-8591-35E60440BD3D}_is1) (Version: 3.4.2.0 - HONGKONG JIHO CO., LIMITED)
Logitech Options (HKLM\...\LogiOptions) (Version: 7.14.70 - Logitech)
McAfee LiveSafe (HKLM-x32\...\MSC) (Version: 16.0 R20 - McAfee, Inc.)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.0.80 - McAfee, LLC.)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 16.0.11727.20244 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\...\OneDriveSetup.exe) (Version: 19.103.0527.0003 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mozilla Firefox 68.0.1 (x64 en-US) (HKLM\...\Mozilla Firefox 68.0.1 (x64 en-US)) (Version: 68.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 65.0.2 - Mozilla)
MusicTime Deluxe (HKLM-x32\...\MusicTime Deluxe 4.0.4) (Version: 4.0.4 - Passport)
MusicTime Deluxe 3.5.5 (HKLM-x32\...\MusicTime Deluxe 3.5.5) (Version: - )
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.11727.20244 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.11727.20244 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.11727.20244 - Microsoft Corporation) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 10.0.3.15 - Qualcomm Atheros)
Qualcomm WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8642 - Realtek Semiconductor Corp.)
RootsMagic 3.2.1.1 (HKLM-x32\...\RootsMagic_is1) (Version: - RootsMagic, Inc.)
RootsMagic 7.5.9.0 (HKLM-x32\...\{D6286873-A757-4A4D-A6EF-0081B3EE32CA}_is1) (Version: RootsMagic 7.5.9.0 - RootsMagic, Inc.)
SmartByte Drivers and Services (HKLM\...\{01F01829-4C5A-41B0-8198-0BDD02B34C47}) (Version: 2.0.643 - Rivet Networks)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{FBA3961B-D1DF-493C-BC1F-E67D3B832895}) (Version: 2.56.0.0 - Microsoft Corporation)
Update for Windows 10 for x64-based Systems (KB4480730) (HKLM\...\{344F3227-F502-4219-9DC4-1967E586FAFA}) (Version: 2.51.0.0 - Microsoft Corporation)
Vulkan Run Time Libraries 1.1.70.0 (HKLM\...\VulkanRT1.1.70.0) (Version: 1.1.70.0 - LunarG, Inc.) Hidden
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22391 - Microsoft Corporation)
Windows Driver Package - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows Driver Package - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Wondershare TunesGo ( Version 9.7.3 ) (HKLM-x32\...\{0B31C808-8274-460D-8846-C711D40544A0}_is1) (Version: 9.7.3 - Wondershare)
Packages:
=========
Audacity 2 -> C:\Program Files\WindowsApps\42109FactoriaDatacenter.Audacity2_2.3.2.0_neutral__zaf1c6h4vqsbt [2019-05-29] (Repackagerexpress.com)
Candy Crush Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSaga_1.1550.4.0_x86__kgqvnymyfvs32 [2019-07-16] (king.com)
Cooking Fever -> C:\Program Files\WindowsApps\NORDCURRENT.COOKINGFEVER_5.0.0.3_x86__m9bz608c1b9ra [2019-06-11] (Nordcurrent)
Dell Customer Connect -> C:\Program Files\WindowsApps\DellInc.DellCustomerConnect_5.2.17.0_x64__htrsf667h5kn2 [2018-11-21] (Dell Inc)
Dell Digital Delivery -> C:\Program Files\WindowsApps\DellInc.DellDigitalDelivery_4.0.36.0_x64__htrsf667h5kn2 [2019-04-11] (Dell Inc)
Dell Mobile Connect -> C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_2.0.8168.0_x64__0vhbc3ng4wbp0 [2019-05-01] (Screenovate Technologies)
Dell SupportAssist for PCs -> C:\Program Files\WindowsApps\DellInc.DellSupportAssistforPCs_3.2.5.0_x64__htrsf667h5kn2 [2019-05-29] (Dell Inc)
Dell Update -> C:\Program Files\WindowsApps\DellInc.DellUpdate_3.0.160.0_x64__htrsf667h5kn2 [2019-03-18] (Dell Inc)
Dropbox promotion -> C:\Program Files\WindowsApps\C27EB4BA.DropboxOEM_20.4.1.0_x64__xbfy0k16fey96 [2019-06-08] (Dropbox Inc.)
Fitbit Coach -> C:\Program Files\WindowsApps\Fitbit.FitbitCoach_4.4.133.0_x64__6mqt6hf9g46tw [2019-03-18] (Fitbit)
Free Instant Youtube Downloader -> C:\Program Files\WindowsApps\356E5ED5.FreeInstantYoutubeDownloader_1.5.0.0_x64__n9erwrkheyjxe [2019-07-18] (Prospera Software Inc.) [MS Ad]
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12096.3.41072.0_x64__nzyj5cx40ttqa [2019-07-23] (Apple Inc.)
Libby, by OverDrive -> C:\Program Files\WindowsApps\2FA138F6.LibbybyOverDrive_1.4.2.0_x64__daecb9042jmvt [2019-07-20] (OverDrive Inc.)
LinkedIn -> C:\Program Files\WindowsApps\7EE7776C.LinkedInforWindows_2.1.7098.0_neutral__w1wdnht996qgy [2019-03-18] (LinkedIn)
Mail and Calendar -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe [2019-07-09] (Microsoft Corporation) [MS Ad]
McAfee Security -> C:\Program Files\WindowsApps\5A894077.McAfeeSecurity_1.4.3.0_x64__wafk5atnkzcwy [2019-03-18] (McAfee Inc.)
Media Suite Essentials for Dell -> C:\Program Files\WindowsApps\DB6EA5DB.MediaSuiteEssentialsforDell_2.4.2725.0_x86__mcezb6ze687jp [2019-03-18] (CYBERLINK CORPORATION.)
Meme-Generator -> C:\Program Files\WindowsApps\8840NaveenCS.Meme-Generator_3.3.0.0_neutral__20e0kv46hk748 [2019-04-27] (Naveen CS)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-03-18] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-03-18] (Microsoft Corporation) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.31.11905.0_x64__8wekyb3d8bbwe [2019-07-19] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.6132.0_x64__8wekyb3d8bbwe [2019-06-18] (Microsoft Studios) [MS Ad]
MPEG-2 Video Extension -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.12831.0_x64__8wekyb3d8bbwe [2019-03-18] (Microsoft Corporation)
MSN Weather -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.31.11905.0_x64__8wekyb3d8bbwe [2019-07-20] (Microsoft Corporation) [MS Ad]
My Dell -> C:\Program Files\WindowsApps\DellInc.MyDell_1.1.249.0_x64__htrsf667h5kn2 [2019-04-30] (Dell Inc)
Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.93.478.0_x64__mcm4njqhnhss8 [2019-06-26] (Netflix, Inc.)
Photos Add-on -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x64__8wekyb3d8bbwe [2019-03-25] (Microsoft Corporation)
Phototastic Collage -> C:\Program Files\WindowsApps\ThumbmunkeysLtd.PhototasticCollage_2.2.9.0_x64__nfy108tqq3p12 [2019-03-18] (Thumbmunkeys Ltd) [MS Ad]
Plex -> C:\Program Files\WindowsApps\CAF9E577.Plex_3.2.20.0_x64__aam28m9va5cke [2019-03-18] (Plex)
Power Media Player for Dell -> C:\Program Files\WindowsApps\DB6EA5DB.PowerMediaPlayerforDell_14.1.9506.0_x86__mcezb6ze687jp [2019-03-18] (CYBERLINK CORPORATION.)
Power2Go for Dell -> C:\Program Files\WindowsApps\DB6EA5DB.Power2GoforDell_8.0.8908.0_x86__mcezb6ze687jp [2019-03-18] (CYBERLINK CORPORATION.)
PowerDirector for Dell -> C:\Program Files\WindowsApps\DB6EA5DB.PowerDirectorforDell_15.0.4409.0_x64__mcezb6ze687jp [2019-03-18] (CYBERLINK CORPORATION.)
SHARE.it -> C:\Program Files\WindowsApps\30608Paradox.SHAREit81_1.7.18.0_x64__ghshvk1r7eapp [2019-04-30] (SHAREit Technologies Co.Ltd) [MS Ad]
Slack -> C:\Program Files\WindowsApps\91750D7E.Slack_4.0.1.0_x64__8she8kybcnzg4 [2019-07-28] (Slack Technologies Inc.)
SmartByte -> C:\Program Files\WindowsApps\RivetNetworks.SmartByte_2.5.713.0_x64__rh07ty8m5nkag [2019-04-23] (Rivet Networks LLC)
Translator -> C:\Program Files\WindowsApps\Microsoft.BingTranslator_5.5.14.0_x64__8wekyb3d8bbwe [2019-07-03] (Microsoft Corporation)
Waves MaxxAudio Pro for Dell -> C:\Program Files\WindowsApps\WavesAudio.WavesMaxxAudioProforDell_1.1.131.0_x64__fh4rh281wavaa [2019-03-18] (Waves Audio)
Zalo Desktop -> C:\Program Files\WindowsApps\VNGOnline.Zalofordesktop_18.11.2.0_x64__z59ddpn1nx8g0 [2019-04-30] (VNG Online)
ZAPYA -> C:\Program Files\WindowsApps\EBAC32FB.ZAPYA_1.2.6.0_x86__7pjp2xjm0bc9w [2019-04-30] (邻动(北京)技术有限公司)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [ 0001IDSIcon1] -> {0FA6DCC0-CF0B-427D-A8AF-97C466AB5769} => C:\Program Files (x86)\IDriveWindows\IDSyncIntIcon64.dll [2019-02-25] (Pro-Softnet Corporation, U.S.A) [File not signed]
ShellIconOverlayIdentifiers: [ 0001IDSIcon2] -> {66357BBE-D2E5-453C-95FF-8102EB32419D} => C:\Program Files (x86)\IDriveWindows\IDSyncIntIcon64.dll [2019-02-25] (Pro-Softnet Corporation, U.S.A) [File not signed]
ShellIconOverlayIdentifiers: [ 0001IDSIcon3] -> {904E6336-8B13-43FA-B4C3-5B62C1C91971} => C:\Program Files (x86)\IDriveWindows\IDSyncIntIcon64.dll [2019-02-25] (Pro-Softnet Corporation, U.S.A) [File not signed]
ShellIconOverlayIdentifiers: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\32.0.11.0\drivefsext.dll [2019-06-27] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\32.0.11.0\drivefsext.dll [2019-06-27] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\32.0.11.0\drivefsext.dll [2019-06-27] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ OptaneIconOverlay] -> {A3AF6F6C-8BED-3D93-8B5D-33427B5D38E9} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-02-25] () [File not signed]
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\32.0.11.0\drivefsext.dll [2019-06-27] (Google LLC -> Google, Inc.)
ContextMenuHandlers1: [IDriveMenu] -> {AFBFEC11-0FD5-48ED-B8AF-315197F09A82} => C:\Program Files (x86)\IDriveWindows\IDContextMenu.dll [2019-02-25] () [File not signed]
ContextMenuHandlers1: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => C:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2019-06-28] (McAfee, LLC. -> McAfee, LLC.)
ContextMenuHandlers2: [IDriveMenu] -> {AFBFEC11-0FD5-48ED-B8AF-315197F09A82} => C:\Program Files (x86)\IDriveWindows\IDContextMenu.dll [2019-02-25] () [File not signed]
ContextMenuHandlers3: [OptaneContextMenu] -> {AD7EBB13-617D-3270-8FA8-46583499C4FB} => C:\Program Files\Intel\OptaneShellExtensions\OptaneShellExt.dll [2019-02-25] () [File not signed]
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\32.0.11.0\drivefsext.dll [2019-06-27] (Google LLC -> Google, Inc.)
ContextMenuHandlers4: [IDriveMenu] -> {AFBFEC11-0FD5-48ED-B8AF-315197F09A82} => C:\Program Files (x86)\IDriveWindows\IDContextMenu.dll [2019-02-25] () [File not signed]
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\32.0.11.0\drivefsext.dll [2019-06-27] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\cui_component.inf_amd64_0219cc1c7085a93f\igfxDTCM.dll [2018-06-13] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [McCtxMenuFrmWrk] -> {CCA9EFD3-29ED-430A-BA6D-E6BBFF0A60C2} => C:\Program Files\McAfee\MSC\McCtxMenuFrmWrk.dll [2019-06-28] (McAfee, LLC. -> McAfee, LLC.)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2019-03-18 10:16 - 2019-02-25 16:34 - 000601600 _____ () [File not signed] C:\Program Files (x86)\IDriveWindows\IDContextMenu.dll
2019-03-18 10:16 - 2019-02-25 16:34 - 000834048 _____ () [File not signed] C:\Program Files (x86)\IDriveWindows\sqlite3.dll
2019-06-25 20:37 - 2019-06-25 20:37 - 000144896 _____ () [File not signed] C:\ProgramData\Logishrd\LogiOptions\Software\Current\laclient\libssh2.dll
2019-06-25 20:37 - 2019-06-25 20:37 - 000077824 _____ () [File not signed] C:\ProgramData\Logishrd\LogiOptions\Software\Current\laclient\zlib.dll
2015-05-07 14:58 - 2015-05-07 14:58 - 001976832 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\Garmin\Device Interaction Service\XercesLib.dll
2011-08-30 08:06 - 2011-08-30 08:06 - 000267776 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNBLM4.DLL
2019-03-19 05:52 - 2012-08-30 11:18 - 000252416 _____ (CANON INC.) [File not signed] C:\WINDOWS\System32\CNMN6PPM.DLL
2019-03-18 09:21 - 2011-08-30 08:06 - 000084992 _____ (CANON INC.) [File not signed] C:\WINDOWS\system32\spool\PRTPROCS\x64\CNBPP4.DLL
2015-05-07 14:58 - 2015-05-07 14:58 - 000233472 _____ (Dynastream Innovations Inc.) [File not signed] C:\Program Files (x86)\Garmin\Device Interaction Service\ANT_WrappedLib.dll
2015-05-07 14:58 - 2015-05-07 14:58 - 003258880 _____ (Garmin International) [File not signed] C:\Program Files (x86)\Garmin\Device Interaction Service\legacyio.dll
2015-05-07 14:58 - 2015-05-07 14:58 - 000425472 _____ (Garmin) [File not signed] C:\Program Files (x86)\Garmin\Device Interaction Service\XMLdll.dll
2019-02-25 14:15 - 2019-02-25 14:15 - 000126976 _____ (Intel Corporation) [File not signed] C:\Program Files\Intel\OptaneShellExtensions\iaStorAfsServiceApi.dll
2019-03-18 10:16 - 2019-02-25 16:34 - 000874496 _____ (Pro-Softnet Corporation, U.S.A) [File not signed] C:\Program Files (x86)\IDriveWindows\IDSyncIntIcon64.dll
2018-12-04 12:10 - 2018-12-04 12:10 - 000100864 _____ (Rivet Networks) [File not signed] C:\Program Files\Rivet Networks\SmartByte\KillerNetworkServicePS.dll
2015-05-07 14:58 - 2015-05-07 14:58 - 000090112 _____ (Silicon Laboratories, Inc.) [File not signed] C:\Program Files (x86)\Garmin\Device Interaction Service\DSI_SiUSBXp_3_1.DLL
2019-06-25 20:37 - 2019-06-25 20:37 - 000355840 _____ (The cURL library, hxxp://curl.haxx.se/) [File not signed] C:\ProgramData\Logishrd\LogiOptions\Software\Current\laclient\LIBCURL.dll
2019-03-19 17:12 - 2014-04-16 07:35 - 001277440 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\RootsMagic 7\libeay32.dll
2019-03-19 17:12 - 2014-04-16 07:35 - 000336384 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\RootsMagic 7\ssleay32.dll
2019-06-25 20:37 - 2019-06-25 20:37 - 002286747 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\ProgramData\Logishrd\LogiOptions\Software\Current\laclient\LIBEAY32.dll
2019-06-25 20:37 - 2019-06-25 20:37 - 000416627 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\ProgramData\Logishrd\LogiOptions\Software\Current\laclient\SSLEAY32.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ModuleCoreService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeplk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ModuleCoreService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2018-04-11 19:38 - 2018-04-11 19:36 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\jhauk\Desktop\2019 May at South Haven Beach.jpg
DNS Servers: 192.168.1.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
HKLM\...\StartupApproved\Run: => "DellMobileConnectWelcome"
HKLM\...\StartupApproved\Run: => "WavesSvc"
HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1015540938-3996997567-1391499832-1001\...\StartupApproved\Run: => "Zalo"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{482CD256-9F6B-400E-B563-E6821169580F}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{C2006FCD-AD51-45E0-B4A4-B874E7474F91}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{979A3321-62D5-4541-AC7E-D9DEB4C01C80}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe (McAfee, LLC. -> McAfee, LLC.)
FirewallRules: [{9C957B72-520A-4384-BB0E-2897820A7E85}] => (Allow) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHost.exe (McAfee, LLC. -> McAfee, LLC.)
FirewallRules: [{F41D3CF7-8B60-4778-A299-FA0C9309D066}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MMSSHost\MMSSHost.exe (McAfee, LLC. -> McAfee, LLC.)
FirewallRules: [{89D65443-584D-48DC-A38E-6BE9F80BDDA4}] => (Allow) C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_2.0.8168.0_x64__0vhbc3ng4wbp0\app\DellMobileConnectClient.exe (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.)
FirewallRules: [{3CCD0D2F-7B41-449B-8767-825E9AFF193B}] => (Allow) C:\Program Files\WindowsApps\ScreenovateTechnologies.DellMobileConnect_2.0.8168.0_x64__0vhbc3ng4wbp0\app\DellMobileConnectClient.exe (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.)
FirewallRules: [{A3F24A6B-461A-4EAC-8867-92FD454D1FDA}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7B8AACDC-29DB-443B-ABAB-62995E0F4977}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{5CFA8C87-6918-475D-9E41-95647A28B7E8}] => (Allow) C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.EXE (Logitech Inc -> Logitech, Inc.)
FirewallRules: [{1D63943E-EDFB-4ACF-BBB8-AEBFD0635202}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12096.3.41072.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{B118687B-34EE-4BCC-BCE5-9150D8631A67}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12096.3.41072.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{571C2CEB-25F9-42C4-A6F0-4EFE94CFAD8B}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12096.3.41072.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{92066FAD-8CC9-441D-8C27-3181DD538E10}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12096.3.41072.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{29F33122-D095-43EC-8188-84E788DC3BF8}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12096.3.41072.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{2C0DC438-0552-4063-B7E4-E06593660811}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12096.3.41072.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{814FCDD4-8CE4-4722-9547-4BCBF65092ED}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12096.3.41072.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{C2F817C7-1D48-454D-8E82-2F45E06AAF31}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12096.3.41072.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
==================== Restore Points =========================
29-07-2019 08:17:48 Scheduled Checkpoint
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (07/30/2019 10:33:13 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Error while updating status to SECURITY_PRODUCT_STATE_OFF.
Error: (07/30/2019 10:33:13 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Error while updating status to SECURITY_PRODUCT_STATE_OFF.
Error: (07/30/2019 10:33:12 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Error while updating status to SECURITY_PRODUCT_STATE_OFF.
Error: (07/30/2019 10:33:12 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Error while updating status to SECURITY_PRODUCT_STATE_OFF.
Error: (07/30/2019 10:33:11 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Error while updating status to SECURITY_PRODUCT_STATE_OFF.
Error: (07/30/2019 10:33:11 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Error while updating status to SECURITY_PRODUCT_STATE_OFF.
Error: (07/30/2019 10:33:10 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Error while updating status to SECURITY_PRODUCT_STATE_OFF.
Error: (07/30/2019 10:33:10 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Error while updating status to SECURITY_PRODUCT_STATE_OFF.
System errors:
=============
Error: (07/30/2019 10:33:05 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
Windows.SecurityCenter.SecurityAppBroker
and APPID
Unavailable
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (07/30/2019 10:33:05 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
Windows.SecurityCenter.WscBrokerManager
and APPID
Unavailable
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (07/30/2019 10:30:28 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (07/30/2019 10:30:28 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (07/30/2019 10:30:12 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 10:03:42 AM on 7/30/2019 was unexpected.
Error: (07/30/2019 10:14:01 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-6JBP3L9)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
and APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
to the user DESKTOP-6JBP3L9\jhauk SID (S-1-5-21-1015540938-3996997567-1391499832-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (07/30/2019 10:06:35 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
Windows.SecurityCenter.SecurityAppBroker
and APPID
Unavailable
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
Error: (07/30/2019 10:06:35 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Launch permission for the COM Server application with CLSID
Windows.SecurityCenter.WscBrokerManager
and APPID
Unavailable
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
CodeIntegrity:
===================================
Date: 2019-06-13 07:07:30.659
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\Installer\MSIAD2E.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
BIOS: Dell Inc. 2.13.0 05/29/2019
Motherboard: Dell Inc. 0H4VK7
Processor: Intel® Core i3-8100 CPU @ 3.60GHz
Percentage of memory in use: 77%
Total physical RAM: 8006.97 MB
Available physical RAM: 1823.11 MB
Total Virtual: 10054.97 MB
Available Virtual: 2973.27 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:917.05 GB) (Free:755.98 GB) NTFS
Drive g: (Google Drive File Stream) (Fixed) (Total:917.05 GB) (Free:718.18 GB) FAT32
\\?\Volume{ddeb6c84-810c-46a1-aec6-44f8c7ccad3a}\ (WINRETOOLS) (Fixed) (Total:0.97 GB) (Free:0.55 GB) NTFS
\\?\Volume{df0a5467-a661-4a6f-af6f-55c9d5055271}\ (Image) (Fixed) (Total:11.66 GB) (Free:0.22 GB) NTFS
\\?\Volume{5da840b2-c364-4272-bd43-d66afc350687}\ (DELLSUPPORT) (Fixed) (Total:1.07 GB) (Free:0.48 GB) NTFS
\\?\Volume{7f86ac07-f133-4645-b879-12d32c99ea96}\ (ESP) (Fixed) (Total:0.63 GB) (Free:0.56 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 926B0D78)
Partition: GPT.
==================== End of Addition.txt ============================